Benefits

Research and Analysis Not Found Elsewhere - Exclusive content from researchers think tanks, industry experts and respected analysts.

High-Profile Peers - Interviews with thought leaders in the global and U.S. insurance industry.

Online Access

Complete, unrestricted access to the popular CarrierManagement.com website, which provides insurance company C-suite executives with daily news, white papers, advice, instruction and editorial on how to manage insurance companies more efficiently and more effectively.

Print Edition

6 bi-monthly issues of Carrier Management magazine every year.

Cyber Catastrophe Modeling: Challenges of an Inexact Science

Insurers, their regulators and ratings agencies are increasingly aware of the potential for a catastrophic cyber loss. The aggregation of cyber risk assumed under policies providing affirmative or non-affirmative (silent) cyber coverage could be enormous. Last year’s Wannacry and NotPetya ransomware and malware attacks hammered home the risk of widespread losses from untargeted attacks.

Executive Summary

Cyber catastrophe models continue to be improved, although modeling is an inexact science at best and at worst something akin to educated guesswork, according to Mark Synnott and Jess Fung of Willis Re. Just like the early development of windstorm and earthquake models, the fine-tuning of cyber models will take time.

Other scenarios could bring even more worrying accumulations. In one example from last year, hackers planted malware in the technology of Schneider Electric. The company manufactures safety shutdown systems for nuclear, oil and gas plants, as well as mining and water treatment facilities. The only known attack employing this embedded malware in a Schneider product affected just one unidentified energy operation in the Middle East. However, if multiple Schneider users had been affected, the outcome could well have been catastrophic and led to unthinkable damage in multiple regions.